Description
MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.
Exploits (2)
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/07/1
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-734-1
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34296
Scores
EPSS
0.0452
EPSS Percentile
89.2%
Details
CWE
CWE-399
Status
published
Products (20)
mplayer/mplayer
0.90
mplayer/mplayer
0.90_pre
mplayer/mplayer
0.90_rc
mplayer/mplayer
0.90_rc4
mplayer/mplayer
0.91
mplayer/mplayer
0.92
mplayer/mplayer
0.92.1
mplayer/mplayer
0.92_cvs
mplayer/mplayer
1.0_pre1
mplayer/mplayer
1.0_pre2
... and 10 more
Published
Oct 20, 2008
Tracked Since
Feb 18, 2026